We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
help please system tool problem
charliemousetelford
Posts: 20 Forumite
Hi I went on ebay last night and got this. Not knowing too much did a system restore to day b4. Then found you guys, followed instructions rkill, anti maleware stuff. Got a log with 4 infections.
Database version: 5892
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
27/02/2011 15:11:27
mbam-log-2011-02-27 (15-11-27).txt
Scan type: Full scan (C:\|)
Objects scanned: 225818
Time elapsed: 45 minute(s), 52 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\system volume information\_restore{129201fa-b0ac-49b3-96b2-deb8b91e727b}\RP370\A0132143.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\julie\application data\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
All seemed ok then went onto AV mcafee it still won't update realtime is switched off even if you manually change it it defaults. Then tried to reinstall this via BT website as it is part of my package, couldn't finish instillation due to a problem, then computer went really funny. So did system restore but would only take me back to just b4 removing mcafee. Panic! Did maleware thing again and log shows nil
Database version: 5892
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
27/02/2011 20:31:30
mbam-log-2011-02-27 (20-31-30).txt
Scan type: Full scan (C:\|)
Objects scanned: 227442
Time elapsed: 57 minute(s), 26 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
What do I do? I think I want to remove Mcafee. and put on another AV what else do I need to do? Has it removed the problem or do I need to do other things. Please can you clever people help me. thank you
Database version: 5892
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
27/02/2011 15:11:27
mbam-log-2011-02-27 (15-11-27).txt
Scan type: Full scan (C:\|)
Objects scanned: 225818
Time elapsed: 45 minute(s), 52 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\system volume information\_restore{129201fa-b0ac-49b3-96b2-deb8b91e727b}\RP370\A0132143.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\julie\application data\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
All seemed ok then went onto AV mcafee it still won't update realtime is switched off even if you manually change it it defaults. Then tried to reinstall this via BT website as it is part of my package, couldn't finish instillation due to a problem, then computer went really funny. So did system restore but would only take me back to just b4 removing mcafee. Panic! Did maleware thing again and log shows nil
Database version: 5892
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
27/02/2011 20:31:30
mbam-log-2011-02-27 (20-31-30).txt
Scan type: Full scan (C:\|)
Objects scanned: 227442
Time elapsed: 57 minute(s), 26 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
What do I do? I think I want to remove Mcafee. and put on another AV what else do I need to do? Has it removed the problem or do I need to do other things. Please can you clever people help me. thank you
0
Comments
-
your malwarebytes version is already out of date, so update it.
try scanning with this
http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/
post a hijackthis log
, and install avast 6 free instead of mcafee,
most if not all AV products are struggling to keep up with this type of malware, so you need to be careful what you click on!!
> . !!!! ----> .0 -
read
#14 for your Macacrap problem, then everyone should continue to read and act on the one same thread for RIK's solution until the Virii warriors get out updates to combat the issue.Disclaimer : Everything I write on this forum is my opinion. I try to be an even-handed poster and accept that you at times may not agree with these opinions or how I choose to express them, this is not my problem. The Disabled : If years cannot be added to their lives, at least life can be added to their years - Alf Morris - ℜ0 -
thanks, i've just updated maleware thingy again and i'm scanning again. I still have the mcafee on will I be ok getting it off and how do I do this as last time it went funny the computer, can I run that kaspery av with mcafee?0
-
the kaspersky is an on demand (ie manual) scanner, if it installs ok, they can run side by side
if it doesn't you may need to kill a process first, possibly using rkill!!
> . !!!! ----> .0 -
Database version: 5898
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
28/02/2011 00:27:02
mbam-log-2011-02-28 (00-27-02).txt
Scan type: Full scan (C:\|)
Objects scanned: 229202
Time elapsed: 50 minute(s), 57 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Did another run of updated log. Can someone check to see if need to use that combokill, think. I'm a real technophobe so don't really know what i'm doing. Help gratefully received0 -
I have managed to remove mcafee thanks for link. I have got avast 6 installed, did a scan but couldn't scan 6 files message was error the system cannot find the path specified (3)
What does this mean, does it mean there is still infection there?
Help please0 -
help? Have I sorted this virus?0
-
Please run COMBOFIX
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Shut down your anti virus
Follow the simple instructions it gives
Post the COMPLETE log it creates here (Split into sections if need be) ~ if there are loads of 'SNAPSHOT' pages then leave them out
If it comes up with a RENAMING error then RIGHT click the exe file and RENAME and call it QWERTY (Making the complete file name 'QWERTY.exe') Or SAVE as 'QWERTY' on download
(If no log comes up or you lose it, COMBOFIX.TXT can be found in C drive):idea:0 -
the website won't let me post my combo log as it thinks its spam as although i've browsed this site for years, I only registered fairly recently and haven't posted much, how can I show my combo fix log to AliEnRIK to view it?
thanks julie0 -
search and replace, and remove all the http or www entries
try an avast boot time scan and a kaspersky scan, and post a hijackthis log!!
> . !!!! ----> .0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.7K Banking & Borrowing
- 253.4K Reduce Debt & Boost Income
- 454K Spending & Discounts
- 244.7K Work, Benefits & Business
- 600.1K Mortgages, Homes & Bills
- 177.3K Life & Family
- 258.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards